Merge pull request #573 from marc1706/ticket/571

[ticket/571] Intval more variables and fix validation issues
Marc Alexander
2015-06-06 18:00:57 +02:00
21 changed files with 113 additions and 123 deletions


@@ -313,8 +313,8 @@ class calendar extends module_base
$this->template->assign_block_vars('minical.cur_events', array(
'EVENT_URL' => (isset($cur_event['url']) && $cur_event['url'] != '') ? $this->validate_url($cur_event['url']) : '',
'EVENT_TITLE' => $cur_event['title'],
'START_TIME' => $this->user->format_date($cur_event['start_time'], 'j. M Y, H:i'),
'END_TIME' => (!empty($cur_event['end_time'])) ? $this->user->format_date($cur_event['end_time'], 'j. M Y, H:i') : false,
'START_TIME' => $this->user->format_date($cur_event['start_time']),
'END_TIME' => (!empty($cur_event['end_time'])) ? $this->user->format_date($cur_event['end_time']) : false,
'EVENT_DESC' => (isset($cur_event['desc']) && $cur_event['desc'] != '') ? $cur_event['desc'] : '',
'ALL_DAY' => ($cur_event['all_day']) ? true : false,
'MODULE_ID' => $module_id,
@@ -326,8 +326,8 @@ class calendar extends module_base
$this->template->assign_block_vars('minical.upcoming_events', array(
'EVENT_URL' => (isset($cur_event['url']) && $cur_event['url'] != '') ? $this->validate_url($cur_event['url']) : '',
'EVENT_TITLE' => $cur_event['title'],
'START_TIME' => $this->user->format_date($cur_event['start_time'], 'j. M Y, H:i'),
'END_TIME' => (!$cur_event['all_day']) ? $this->user->format_date($cur_event['end_time'], 'j. M Y, H:i') : '',
'START_TIME' => $this->user->format_date($cur_event['start_time']),
'END_TIME' => (!$cur_event['all_day']) ? $this->user->format_date($cur_event['end_time']) : '',
'EVENT_DESC' => (isset($cur_event['desc']) && $cur_event['desc'] != '') ? $cur_event['desc'] : '',
'ALL_DAY' => (($cur_event['start_time'] - $cur_event['end_time']) == 1) ? true : false,
'MODULE_ID' => $module_id,
@@ -426,7 +426,7 @@ class calendar extends module_base
$events = (strlen($portal_config['board3_calendar_events_' . $module_id]) >= 1) ? json_decode($portal_config['board3_calendar_events_' . $module_id], true) : array();
// append_sid() adds adm/ already, no need to add it here
$u_action = append_sid('index.' . $this->php_ext, 'i=\board3\portal\acp\portal_module&mode=config&module_id=' . $module_id);
$u_action = append_sid('index.' . $this->php_ext, 'i=-board3-portal-acp-portal_module&mode=config&module_id=' . $module_id);
switch ($action)
{
@@ -613,17 +613,12 @@ class calendar extends module_base
for ($i = 0; $i < sizeof($events); $i++)
{
$event_all_day = ($events[$i]['all_day'] == true) ? true : false;
$start_time_format = (!intval($this->user->format_date($events[$i]['start_time'], 'H')) && !intval($this->user->format_date($events[$i]['start_time'], 'i'))) ? 'j. M Y' : 'j. M Y, H:i';
if (!empty($events[$i]['end_time']))
{
$end_time_format = (!intval($this->user->format_date($events[$i]['end_time'], 'H')) && !intval($this->user->format_date($events[$i]['end_time'], 'i'))) ? 'j. M Y' : 'j. M Y, H:i';
}
$this->template->assign_block_vars('events', array(
'EVENT_TITLE' => ($action != 'add') ? ((isset($this->user->lang[$events[$i]['title']])) ? $this->user->lang[$events[$i]['title']] : $events[$i]['title']) : '',
'EVENT_DESC' => ($action != 'add') ? $events[$i]['desc'] : '',
'EVENT_START' => ($action != 'add') ? $this->user->format_date($events[$i]['start_time'], $start_time_format) : '',
'EVENT_END' => ($action != 'add' && !$event_all_day && !empty($end_time_format)) ? $this->user->format_date($events[$i]['end_time'], $end_time_format) : '',
'EVENT_START' => ($action != 'add') ? $this->user->format_date($events[$i]['start_time']) : '',
'EVENT_END' => ($action != 'add' && !$event_all_day && !empty($end_time_format)) ? $this->user->format_date($events[$i]['end_time']) : '',
'EVENT_URL' => ($action != 'add' && isset($events[$i]['url']) && !empty($events[$i]['url'])) ? $this->validate_url($events[$i]['url']) : '',
'EVENT_URL_RAW' => ($action != 'add' && isset($events[$i]['url']) && !empty($events[$i]['url'])) ? $events[$i]['url'] : '',
'U_EDIT' => $u_action . '&amp;action=edit&amp;id=' . $i,
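Review bot: `EVENT_END` still tests `!empty($end_time_format)`, but the lines that assigned `$end_time_format` are removed in this same hunk, so unless it is set somewhere outside the visible lines the condition is always false and the end time is never shown in the ACP event list. Testing the stored value directly restores the old behaviour: `'EVENT_END' => ($action != 'add' && !$event_all_day && !empty($events[$i]['end_time'])) ? $this->user->format_date($events[$i]['end_time']) : '',`. Separately, `EVENT_TITLE`, `EVENT_DESC` and `EVENT_URL_RAW` reach the template as stored in the JSON config; where they are escaped is not visible here, so a short comment naming that place (on save or in the template) would help. The loop body continues past the end of the hunk.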


@@ -187,7 +187,7 @@ class custom extends module_base
$portal_config = obtain_portal_config();
$u_action = append_sid('index.' . $this->php_ext, 'i=\board3\portal\acp\portal_module&amp;mode=config&amp;module_id=' . $module_id);
$u_action = append_sid('index.' . $this->php_ext, 'i=-board3-portal-acp-portal_module&amp;mode=config&amp;module_id=' . $module_id);
switch ($action)
{


@@ -249,7 +249,7 @@ class links extends module_base
$links = json_decode($portal_config['board3_links_array_' . $module_id], true);
$u_action = append_sid('index.' . $this->php_ext, 'i=\board3\portal\acp\portal_module&amp;mode=config&amp;module_id=' . $module_id);
$u_action = append_sid('index.' . $this->php_ext, 'i=-board3-portal-acp-portal_module&amp;mode=config&amp;module_id=' . $module_id);
switch ($action)
{


@@ -304,7 +304,7 @@ class main_menu extends module_base
$links = json_decode($portal_config['board3_menu_array_' . $module_id], true);
$u_action = append_sid('index.' . $this->php_ext, 'i=%5Cboard3%5Cportal%5Cacp%5Cportal_module&amp;mode=config&amp;module_id=' . $module_id);
$u_action = append_sid('index.' . $this->php_ext, 'i=-board3-portal-acp-portal_module&amp;mode=config&amp;module_id=' . $module_id);
switch ($action)
{


@@ -199,8 +199,8 @@ class poll extends module_base
{
$sql = 'SELECT poll_option_id
FROM ' . POLL_VOTES_TABLE . '
WHERE topic_id = ' . $up_topic_id . '
AND vote_user_id = ' . $this->user->data['user_id'];
WHERE topic_id = ' . (int) $up_topic_id . '
AND vote_user_id = ' . (int) $this->user->data['user_id'];
$result = $this->db->sql_query($sql);
while ($row = $this->db->sql_fetchrow($result))
@@ -222,8 +222,10 @@ class poll extends module_base
}
$sql = 'SELECT t.poll_length, t.poll_start, t.poll_vote_change, t.topic_status, f.forum_status, t.poll_max_options
FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
WHERE t.forum_id = f.forum_id AND t.topic_id = " . (int) $up_topic_id . " AND t.forum_id = " . (int) $up_forum_id;
FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
WHERE t.forum_id = f.forum_id
AND t.topic_id = " . (int) $up_topic_id . "
AND t.forum_id = " . (int) $up_forum_id;
$result = $this->db->sql_query_limit($sql, 1);
$topic_data = $this->db->sql_fetchrow($result);
$this->db->sql_freeresult($result);
@@ -312,8 +314,8 @@ class poll extends module_base
}
$sql = 'UPDATE ' . TOPICS_TABLE . '
SET poll_last_vote = ' . time() . "
WHERE topic_id = $up_topic_id";
SET poll_last_vote = ' . time() . '
WHERE topic_id = ' . (int) $up_topic_id;
//, topic_last_post_time = ' . time() . " -- for bumping topics with new votes, ignore for now
$this->db->sql_query($sql);
@@ -351,7 +353,7 @@ class poll extends module_base
if ($this->config['board3_poll_hide_' . $module_id])
{
$portal_poll_hide = "AND (t.poll_start + t.poll_length > ". time() ." OR t.poll_length = 0)";
$portal_poll_hide = 'AND (t.poll_start + t.poll_length > ' . time() . ' OR t.poll_length = 0)';
}
else
{
@@ -362,13 +364,15 @@ class poll extends module_base
{
$sql = 'SELECT t.poll_title, t.poll_start, t.topic_id, t.topic_first_post_id, t.forum_id, t.poll_length, t.poll_vote_change, t.poll_max_options, t.topic_status, f.forum_status, p.bbcode_bitfield, p.bbcode_uid
FROM ' . TOPICS_TABLE . ' t, ' . POSTS_TABLE . ' p, ' . FORUMS_TABLE . " f
WHERE t.forum_id = f.forum_id AND t.topic_visibility = 1 AND t.poll_start > 0
FROM ' . TOPICS_TABLE . ' t, ' . POSTS_TABLE . ' p, ' . FORUMS_TABLE . " f
WHERE t.forum_id = f.forum_id
AND t.topic_visibility = 1
AND t.poll_start > 0
{$where}
AND t.topic_moved_id = 0
AND p.post_id = t.topic_first_post_id
{$portal_poll_hide}
ORDER BY t.poll_start DESC";
ORDER BY t.poll_start DESC";
$limit = (isset($this->config['board3_poll_limit_' . $module_id])) ? $this->config['board3_poll_limit_' . $module_id] : 3;
$result = $this->db->sql_query_limit($sql, $limit);
$has_poll = false;
@@ -390,8 +394,8 @@ class poll extends module_base
{
$vote_sql = 'SELECT poll_option_id
FROM ' . POLL_VOTES_TABLE . '
WHERE topic_id = ' . $topic_id . '
AND vote_user_id = ' . $this->user->data['user_id'];
WHERE topic_id = ' . (int) $topic_id . '
AND vote_user_id = ' . (int) $this->user->data['user_id'];
$vote_result = $this->db->sql_query($vote_sql);
while ($row = $this->db->sql_fetchrow($vote_result))
@@ -426,9 +430,9 @@ class poll extends module_base
$s_display_results = (!$s_can_vote || ($s_can_vote && sizeof($cur_voted_id)) || ($view == 'viewpoll' && in_array($topic_id, $poll_view_ar))) ? true : false;
$poll_sql = 'SELECT po.poll_option_id, po.poll_option_text, po.poll_option_total
FROM ' . POLL_OPTIONS_TABLE . " po
WHERE po.topic_id = {$topic_id}
ORDER BY po.poll_option_id";
FROM ' . POLL_OPTIONS_TABLE . ' po
WHERE po.topic_id = ' . (int) $topic_id .'
ORDER BY po.poll_option_id';
$poll_result = $this->db->sql_query($poll_sql);
$poll_total_votes = 0;
@@ -483,7 +487,7 @@ class poll extends module_base
$this->template->assign_block_vars(($type !== '') ? 'poll_' . $type : 'poll', array(
'S_POLL_HAS_OPTIONS' => $poll_has_options,
'POLL_QUESTION' => $data['poll_title'],
'U_POLL_TOPIC' => append_sid($this->phpbb_root_path . 'viewtopic.' . $this->php_ext . '?t=' . $topic_id . '&amp;f=' . $forum_id),
'U_POLL_TOPIC' => append_sid($this->phpbb_root_path . 'viewtopic.' . $this->php_ext, 't=' . $topic_id . '&amp;f=' . $forum_id),
'POLL_LENGTH' => $data['poll_length'],
'TOPIC_ID' => $topic_id,
'TOTAL_VOTES' => $poll_total_votes,
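Review bot: The poll list query still takes `{$where}` and the `$limit` read from the `board3_poll_limit_` config entry without the integer handling this commit applies to the topic and user ids. `$where` is built outside the hunk, so whether its forum ids are already cast or go through `$this->db->sql_in_set()` cannot be confirmed here; a comment at the interpolation stating which would settle it. For the limit, casting at the read keeps a non-numeric config value out of the LIMIT clause: `$limit = (isset($this->config['board3_poll_limit_' . $module_id])) ? (int) $this->config['board3_poll_limit_' . $module_id] : 3;`. In the last hunk, `$topic_id` and `$forum_id` are concatenated into the `U_POLL_TOPIC` parameters uncast as well, unless they are cast where they are assigned.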


@@ -127,7 +127,7 @@ class random_member extends module_base
'USER_POSTS' => (int) $row['user_posts'],
'AVATAR_IMG' => $avatar_img,
'JOINED' => $this->user->format_date($row['user_regdate'], 'd.M.Y'),
'JOINED' => $this->user->format_date($row['user_regdate']),
// 'USER_OCC' => censor_text($row['user_occ']),
// 'USER_FROM' => censor_text($row['user_from']),
// 'U_WWW' => censor_text($row['user_website']),


@@ -127,7 +127,7 @@ class user_menu extends module_base
$sql = 'SELECT COUNT(DISTINCT t.topic_id) as total
FROM ' . TOPICS_TABLE . ' t
WHERE t.topic_last_post_time > ' . $this->user->data['user_lastvisit'] . '
WHERE t.topic_last_post_time > ' . (int) $this->user->data['user_lastvisit'] . '
AND t.topic_moved_id = 0
' . str_replace(array('p.', 'post_'), array('t.', 'topic_'), $m_approve_fid_sql) . '
' . ((sizeof($ex_fid_ary)) ? 'AND ' . $this->db->sql_in_set('t.forum_id', $ex_fid_ary, true) : '');
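Review bot: `$m_approve_fid_sql` is rewritten with `str_replace()` and concatenated into the count query, and it is the one dynamic piece here that neither the new `(int)` cast nor `sql_in_set()` covers. The replacement swaps every `p.` and `post_` substring, so it is only correct if the fragment contains nothing but column references and integer forum ids; the fragment is built outside the hunk, so that cannot be confirmed from here. A comment above the query such as `// $m_approve_fid_sql: only p.post_* conditions on integer forum ids, rewritten for the topics table` would record the assumption, or the fragment could be built for the `t.` alias directly.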


@@ -171,7 +171,7 @@ class welcome extends module_base
$portal_config = obtain_portal_config();
$u_action = append_sid('index.' . $this->php_ext, 'i=\board3\portal\acp\portal_module&amp;mode=config&amp;module_id=' . $module_id);
$u_action = append_sid('index.' . $this->php_ext, 'i=-board3-portal-acp-portal_module&amp;mode=config&amp;module_id=' . $module_id);
switch($action)
{


@@ -112,11 +112,11 @@ class whois_online extends module_base
LEFT JOIN ' . USER_GROUP_TABLE . ' ug
ON (
g.group_id = ug.group_id
AND ug.user_id = ' . $this->user->data['user_id'] . '
AND ug.user_id = ' . (int) $this->user->data['user_id'] . '
AND ug.user_pending = 0
)
WHERE g.group_legend > 0
AND (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . $this->user->data['user_id'] . ')
AND (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . (int) $this->user->data['user_id'] . ')
ORDER BY g.' . $order_legend . ' ASC';
}
$result = $this->db->sql_query($sql);
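Review bot: `$order_legend` is concatenated into `ORDER BY g.` as a column name, and a cast like the ones added above cannot protect an identifier. Its assignment is outside the hunk, so this only matters if it can hold anything other than a fixed set of column names; a comment at the query listing the allowed values, or an explicit allow-list check before the query is built, would make that visible to the next reader. The cast user id now appears twice in the string; assigning `$user_id = (int) $this->user->data['user_id'];` once before building `$sql` would keep the two uses in step.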